International Association for Cryptologic Research


CryptoDB

Improved High-Order Masked Generation of Masking Vector and Rejection Sampling in Dilithium

Authors:
Jean-Sébastien Coron
François Gérard
Tancrède Lepoint
Matthias Trannoy
Rina Zeitoun
Download:
DOI: 10.46586/tches.v2024.i4.335-354
URL: https://tches.iacr.org/index.php/TCHES/article/view/11795
Abstract: for Dilithium, the post-quantum signature scheme recently standardized by NIST. We improve the masked generation of the masking vector y, based on a fast Boolean-to-arithmetic conversion modulo q. We also describe an optimized gadget for the high-order masked rejection sampling, with a complexity independent of the size of the modulus q. We prove the security of our gadgets in the classical ISW t-probing model. Finally, we detail our open-source C implementation of these gadgets integrated into a fully masked Dilithium implementation, and provide an efficiency comparison with previous works.
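To make the two notions in the abstract concrete, the following is an added Python model (not the authors' C implementation, and not their fast gadget) of what a high-order Boolean-to-arithmetic conversion modulo q and a masked generation of one coefficient of y look like. It uses the textbook bit-by-bit conversion built on the identity u XOR v = u + v - 2uv with ISW secure multiplication, whose cost grows with the number of shares and with the bit length, which is exactly the inefficiency the paper's conversion targets. The share count, the choice of the ML-DSA-65/87 parameter gamma_1 = 2^19, and all helper names are assumptions made for this example. It checks functional correctness by recombining shares; it does not model leakage and does not model the paper's rejection-sampling gadget.

```python
import secrets

Q = 8380417          # Dilithium modulus q = 2^23 - 2^13 + 1
GAMMA1 = 1 << 19     # gamma_1 for ML-DSA-65/87 (assumption; ML-DSA-44 uses 2^17)
BITS = 20            # a y coefficient is derived from 1 + log2(gamma_1) random bits


def bool_shares(value, n, bits=BITS):
    """Split a `bits`-bit value into n Boolean shares (XOR of all shares == value)."""
    shares = [secrets.randbits(bits) for _ in range(n - 1)]
    last = value
    for s in shares:
        last ^= s
    return shares + [last]


def arith_shares(value, n):
    """Split a value mod Q into n arithmetic shares (sum of all shares mod Q == value)."""
    shares = [secrets.randbelow(Q) for _ in range(n - 1)]
    return shares + [(value - sum(shares)) % Q]


def unmask_arith(a):
    return sum(a) % Q


def refresh(a):
    """Re-randomise an arithmetic sharing mod Q by adding a fresh sharing of zero."""
    out = list(a)
    for i in range(1, len(a)):
        r = secrets.randbelow(Q)
        out[0] = (out[0] + r) % Q
        out[i] = (out[i] - r) % Q
    return out


def sec_mult(a, b):
    """ISW multiplication of two arithmetic sharings mod Q: n^2 cross products, n(n-1)/2 randoms.
    Functional model only; the evaluation order that ISW requires for probing security
    is not something a Python interpreter lets us control."""
    n = len(a)
    c = [(a[i] * b[i]) % Q for i in range(n)]
    for i in range(n):
        for j in range(i + 1, n):
            r = secrets.randbelow(Q)                 # r_ij, fresh random
            c[i] = (c[i] + r) % Q
            c[j] = (c[j] + a[i] * b[j] + a[j] * b[i] - r) % Q   # r_ji = a_i b_j + a_j b_i - r_ij
    return c


def bit_to_arith(x):
    """Boolean shares x[0..n-1] of a single bit -> arithmetic shares mod Q of that bit.
    Folds the shares in one at a time using u XOR v = u + v - 2uv (n-1 ISW multiplications)."""
    n = len(x)
    acc = refresh([x[0]] + [0] * (n - 1))
    for i in range(1, n):
        xi = refresh([x[i]] + [0] * (n - 1))
        prod = sec_mult(acc, xi)
        acc = [(acc[k] + xi[k] - 2 * prod[k]) % Q for k in range(n)]
    return acc


def bool_to_arith(xs, bits=BITS):
    """Boolean shares of a `bits`-bit integer -> arithmetic shares mod Q of the same integer.
    Converts every bit separately and accumulates 2^i * A(b_i); correct as long as 2^bits <= Q."""
    n = len(xs)
    acc = [0] * n
    for i in range(bits):
        a = bit_to_arith([(s >> i) & 1 for s in xs])
        acc = [(acc[k] + (a[k] << i)) % Q for k in range(n)]
    return acc


def masked_y_coeff(n):
    """Masked generation of one coefficient of y: y = gamma_1 - r with r uniform in [0, 2^BITS).
    Each Boolean share of r is drawn independently, so r itself is never materialised."""
    r_bool = [secrets.randbits(BITS) for _ in range(n)]
    r_arith = bool_to_arith(r_bool)
    y = [(-s) % Q for s in r_arith]          # negate every share
    y[0] = (y[0] + GAMMA1) % Q               # add the public constant to a single share
    return y


def centered(v):
    """Map a residue mod Q to its centred representative in (-Q/2, Q/2]."""
    return v - Q if v > Q // 2 else v


if __name__ == "__main__":
    y = masked_y_coeff(3)
    print("recombined y coefficient:", centered(unmask_arith(y)))
```

Recombining the shares at the end is for checking the model only; a real masked signer never unmasks y, which is why the subsequent rejection check has to be carried out on shares as well.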
BibTeX
@article{tches-2024-34468,
  title={Improved High-Order Masked Generation of Masking Vector and Rejection Sampling in Dilithium},
  journal={IACR Transactions on Cryptographic Hardware and Embedded Systems},
  publisher={Ruhr-Universität Bochum},
  volume={2024},
  pages={335-354},
  url={https://tches.iacr.org/index.php/TCHES/article/view/11795},
  doi={10.46586/tches.v2024.i4.335-354},
  author={Jean-Sébastien Coron and François Gérard and Tancrède Lepoint and Matthias Trannoy and Rina Zeitoun},
  year=2024
}